
Untitled

a guest
Jun 26th, 2019
  1. --[[
  2.  
  3. LuCI Snort module
  4.  
  5. Copyright (C) 2015, Itus Networks, Inc.
  6.  
  7. Licensed under the Apache License, Version 2.0 (the "License");
  8. you may not use this file except in compliance with the License.
  9. You may obtain a copy of the License at
  10.  
  11. http://www.apache.org/licenses/LICENSE-2.0
  12.  
  13. Author: Luka Perkov <luka@openwrt.org>
  14.  
  15. Version 4:
  16. Redo some of the system calls and file paths for the updated Firmware
  17.  
  18. version 3
  19. Modified by Roadrunnere42: added an if/then statement that checks which mode the Shield is in and shows, in the Services >> Intrusion Prevention window,
  20. either one snort config file or, when running in router mode, two snort config files.
  21.  
  22. version 2
  23. Modified by Roadrunnere42 to include a tab called priority 1 logs in the intrusion prevention window, which displays any IPS rules that have triggered a priority 1 log in the IPS log.
  24. /usr/lib/lua/luci/model/cbi/snort.lua - changed
  25. /tmp/snort/priority1 - added to hold priority 1 logs
  26.  
  27. version 1
  28. Modified by Roadrunnere42 to include a tab called rule counter in intrusion prevention window, which displays the number of rules that each rule set has.
  29. This requires the following files to be changed or added
  30. /tmp/rule_counter.log - created when run
  31. /sbin/fw_upgrade.sh - changed
  32. /usr/lib/lua/luci/model/cbi/snort.lua - changed
  33.  
  34. ]]--
  35.  
  36. local fs = require "nixio.fs"
  37. local sys = require "luci.sys"
  38. require "ubus"
  39.  
  -- Map for the "snort" configuration; the second string is the notice shown
  -- under the page title.
  m = Map(
    "snort",
    translate("Intrusion Prevention"),
    translate("Changes may take up to 90 seconds to take effect, service may be interrupted during that time. The IPS engine will restart each time you click the Save & Apply or On/Off button.")
  )
  41.  
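  --- Hook stored in the map's on_init field (presumably called by CBI when the
  -- map is initialised): regenerates the derived log files.
  -- Both shell commands are fixed strings; no request data is interpolated
  -- into them, so nothing user-controlled reaches the shell from here.
  m.on_init = function()
    -- In Router mode, write a line-reversed copy of the alert log.
    -- This is the usual sed line-reversal script. The original omitted the ';'
    -- between 'h' and '$!d'; some sed builds tolerate that, stricter ones
    -- reject it as a syntax error, so the portable form is used here.
    if os.getenv("SHIELD_MODE") == "Router" then
      sys.call("sed '1!G;h;$!d' /var/log/snort/alert.log > /tmp/snort/alert2.log")
    end

    -- Collect the priority 1 alerts into their own file.
    -- NOTE(review): the paths do not line up. sed writes
    -- /tmp/snort/alert2.log, grep reads /var/log/snort/alert2.log, and the log
    -- tabs in this file read /tmp/snort/alert2 and /tmp/snort/priority1.
    -- Unless the firmware links these locations together, the priority tab can
    -- show stale or empty data while alerts are firing. Confirm on the device.
    -- NOTE(review): exit codes are ignored, so a failed sed/grep is silent.
    sys.call("grep -i 'priority: 1' /var/log/snort/alert2.log > /var/log/snort/priority1.log")
  end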
  50.  
  -- Turn off the map's reset and submit flags.
  m.reset = false
  m.submit = false

  -- Single named section "snort"; entries cannot be added or removed from the UI.
  s = m:section(NamedSection, "snort")
  s.anonymous = true
  s.addremove = false

  -- Tabs are registered in display order. Router mode (SHIELD_MODE
  -- environment variable) gets separate WAN and LAN config tabs; any other
  -- mode gets a single config tab.
  local tab_list = { { "tab_basic", translate("Basic Settings") } }
  if os.getenv("SHIELD_MODE") == "Router" then
    tab_list[#tab_list + 1] = { "tab_wan", translate("WAN Config") }
    tab_list[#tab_list + 1] = { "tab_lan", translate("LAN Config") }
  else
    tab_list[#tab_list + 1] = { "tab_config", translate("Config") }
  end
  tab_list[#tab_list + 1] = { "tab_threshold", translate("Threshold Config") }
  tab_list[#tab_list + 1] = { "tab_custom", translate("Custom Rules") }
  tab_list[#tab_list + 1] = { "tab_rules", translate("Exclude Rules") }
  tab_list[#tab_list + 1] = { "tab_logs", translate("IPS Logs") }
  tab_list[#tab_list + 1] = { "tab_priority", translate("IPS Priority 1 log") }
  tab_list[#tab_list + 1] = { "tab_counter", translate("Rule Counter") }

  for _, tab in ipairs(tab_list) do
    s:tab(tab[1], tab[2])
  end
  73. --s:tab("tab_snort1", translate("Snort Rules Selector"))
  74.  
  75.  
  76. --------------------- Basic Tab ------------------------
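  -- Ask ubus whether a "snort" service is known, and derive the status string
  -- that the Basic tab uses for its button captions.
  local status = "not running"
  require "ubus"
  local conn = ubus.connect()
  if not conn then
    error("Failed to connect to ubusd")
  end

  local services = conn:call("service", "list", { name = "snort" })
  -- The connection is only needed for this one query; release it instead of
  -- leaving it open for the rest of the request.
  conn:close()

  -- A failed call yields no table; treat that as "not running" rather than
  -- letting pairs() raise on nil and break the whole page.
  -- NOTE(review): any entry in the reply counts as "running". Presumably a
  -- service that is registered but whose instance has exited would still be
  -- listed, so the page could show ON while the IPS is not inspecting
  -- traffic. Confirm, and consider checking the instance state in the reply.
  if type(services) == "table" and next(services) ~= nil then
    status = "running"
  end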
  87.  
  -- Status button on the Basic tab; its caption mirrors the detected state.
  button_start = s:taboption("tab_basic", Button, "start", translate("Status: "))
  button_start.inputtitle = (status == "running") and "ON" or "OFF"
  94.  
  --- Click handler for the status button: starts snort when it was detected as
  -- stopped, stops it otherwise, then flips the caption.
  -- NOTE(review): the exit code of the service command is ignored, so the
  -- caption changes to ON even if snort failed to start. For an IPS toggle,
  -- consider deriving the caption from a fresh status query instead.
  button_start.write = function(self, section)
    local was_stopped = (status == "not running")
    sys.call(was_stopped and "service snort start" or "service snort stop")
    button_start.inputtitle = was_stopped and "ON" or "OFF"
    button_start.title = "Status: "
  end
  106.  
  -- The restart button is only offered while snort was detected as running.
  if status == "running" then
    local restart_btn = s:taboption("tab_basic", Button, "restart", translate("Restart: "))
    restart_btn.inputtitle = "Restart"

    -- Click handler: restart the service; the command's exit code is not checked.
    function restart_btn.write(self, section)
      sys.call("service snort restart")
    end

    button_restart = restart_btn
  end
  114.  
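  --- Adds a textarea option to section `s` that edits one file in place.
  --
  -- Security notes for reviewers:
  --  * The submitted text is written verbatim, with no validation. Nothing in
  --    this file checks who is submitting; access control is whatever the LuCI
  --    controller/session layer enforces, so confirm this page is admin-only.
  --  * NOTE(review): a syntactically broken config or rule file presumably
  --    keeps snort from coming back up after the restart, leaving traffic
  --    uninspected. Consider validating first with snort's test mode
  --    (`snort -T -c <config>`) and keeping the previous file on failure.
  --  * NOTE(review): the file is overwritten in place rather than via a
  --    temporary file and rename, so an interrupted write can leave a partial
  --    config behind.
  --
  -- @param tab    id of the tab the option is placed on
  -- @param option option name passed to taboption
  -- @param path   absolute path of the file shown and rewritten
  -- @return the created TextValue object
  local function add_file_editor(tab, option, path)
    local field = s:taboption(tab, TextValue, option, "")
    field.wrap = "off"
    field.rows = 25
    field.rmempty = false

    -- Show the current file content; if readfile returns nothing, show "".
    function field.cfgvalue()
      return fs.readfile(path) or ""
    end

    -- Save the submitted text and restart snort so it takes effect.
    function field.write(self, section, value)
      if not value then
        return
      end
      -- Store LF line ends only. The parentheses drop gsub's second result
      -- (the replacement count) so only the text is passed on.
      local saved = fs.writefile(path, (value:gsub("\r\n", "\n")))
      -- Restart only after a successful write: bouncing the IPS after a
      -- failed save would interrupt inspection without applying any change.
      if saved then
        sys.call("/etc/init.d/snort restart")
      end
    end

    return field
  end

  if os.getenv("SHIELD_MODE") == "Router" then
    --------------------- Snort Instance WAN Tab -----------------------
    config_file1 = add_file_editor("tab_wan", "text1", "/etc/snort/snort7.conf")

    ---------------------- Snort Instance LAN Tab ------------------------
    config_file2 = add_file_editor("tab_lan", "text2", "/etc/snort/snort8.conf")
  else
    ---------------------- Snort Config Tab ------------------------
    config_file2 = add_file_editor("tab_config", "config1", "/etc/snort/snort_bridge.conf")
  end

  ---------------------- Threshold Config Tab ------------------------
  config_file2 = add_file_editor("tab_threshold", "threshold", "/etc/snort/threshold.conf")

  ---------------------- Custom Rules Tab ------------------------
  config_file2 = add_file_editor("tab_custom", "text3", "/etc/snort/rules/local.rules")

  --------------------- Exclude Rules Tab ------------------------
  config_file5 = add_file_editor("tab_rules", "text4", "/etc/snort/rules/exclude.rules")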
  273.  
  274. --------------------- Logs Tab ------------------------
  275.  
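  --- Adds a textarea option to section `s` that displays one file.
  -- No write handler is defined here, so the file itself is never modified by
  -- this option.
  -- NOTE(review): the field is a plain TextValue and is not marked read-only;
  -- confirm that submitting the form cannot store the displayed log text as
  -- an option value in the "snort" config.
  -- NOTE(review): readfile loads the whole file on every page render and
  -- alert logs grow with traffic; consider the size-limit argument of
  -- fs.readfile, or log rotation, on a memory-constrained device.
  --
  -- @param tab    id of the tab the option is placed on
  -- @param option option name passed to taboption
  -- @param path   absolute path of the file to display
  -- @return the created TextValue object
  local function add_file_viewer(tab, option, path)
    local view = s:taboption(tab, TextValue, option, "")
    view.wrap = "off"
    view.rows = 25
    view.rmempty = false

    -- If readfile returns nothing, the tab shows an empty box.
    function view.cfgvalue()
      return fs.readfile(path) or ""
    end

    return view
  end

  -- NOTE(review): on_init in this file writes /tmp/snort/alert2.log and
  -- /var/log/snort/priority1.log, while the two log tabs below read
  -- /tmp/snort/alert2 and /tmp/snort/priority1. Confirm these resolve to the
  -- same files on the device; otherwise the tabs hide current alerts.
  snort_logfile = add_file_viewer("tab_logs", "logfile", "/tmp/snort/alert2")

  ---------------------Priority Tab ------------------------
  snort_logfile1 = add_file_viewer("tab_priority", "IPS priority 1 log", "/tmp/snort/priority1")

  --------------------- counter Tab ------------------------
  counter = add_file_viewer("tab_counter", "Counter", "/tmp/rule_counter.log")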
  323.  
  324. --------------------- snort rule selector Tab ------------------------
  325.  
  326.  
  327. -- firefox = s:taboption("tab_snort1", Flag, "content_firefox", translate("Firefox"))
  328. -- firefox.default=firefox.disabled
  329. -- firefox.rmempty = false
  330.  
  331. --firefox = s:taboption("tab_snort1", Flag, "content_firefox", translate("Firefox"))
  332. -- firefox.default=snort1.enabled
  333. -- firefox.rmempty = false
  334.  
  335.  
  336.  
  337.  
  338.  
  339.  
  340.  
  341.  
  -- Hand the assembled map back to whoever loaded this model file.
  return m